﻿using System.Collections.Generic;
using System.Text.RegularExpressions;
using System.Web;

namespace SecurityModule.Workflows
{
    class WFGetHomeLogin : SimpleWorkflow
    {
        public WFGetHomeLogin()
        {
            Verb = "GET";
            Path = "/Home/Login";
        }

        public override void PreProcessImplementation(HttpContext context)
        {
            //inject YubikeyOTP input using replace
            context.Response.Filter = new ReplaceFilter(context.Response.Filter,
                context.Response.ContentEncoding,
                content =>
                {
                    content = content.Replace("{{YubikeyOTP}}",
                                                @"<label class='control-label' for='YubikeyOTP'>Yubikey</label><input name='YubikeyOTP' type='text' class='form-control'>");
                    // the user should trust the sensitve information they provide in this page will never be visible to the app directly, all JS code (except for trusted sources) should be cleaned to prevent potential AJAX calls
                    //content = content.RemoveEventsAndScripts();
                    return content;
                }
            );

        }

        public override void PostProcessImplementation(HttpContext context)
        {

        }
    }
}
